Feature: 作为一个律团用户
如果我拥有一个律团的账号
这样我就可以看到受保护的页面

Background:
Given a user exists with:
  | username    | password |
  | 13702325511 | 123456   |

Scenario: 成功登录
Given http "accept" header is "application/json"
And I make a "post" request to "login" with:
| username    | password |
| 13702325511 | 123456   |
Then the response status code should be 200
And the response is in "json" format
And I see elements in the response:
| element_name |
| token        |
| data         |
| status_code  |

Scenario: 登录失败
Given http "accept" header is "application/json"
And I make a "post" request to "login" with:
| username    | password |
| 13702325000 | 123456   |
Then the response status code should be 400
And the response is in "json" format
And I see elements in the response:
| element_name   |
| error_messages |
| status_code    |
And I see error for "password" field "账号或密码错误，请重新登录。"

Scenario: 可以用有效的token来访问被限制的接口
//1. 对login进行post请求，获取token
//2. 使用token访问一个需要登录才可以访问接口
Given http "accept" header is "application/json"
And I make a "post" request to "login" with:
| username    | password   |
| 13702325511 | 123456   |
Given http "authorization" header exists
And I am on "/center/customer/info"
Then the response status code should be 200
And the response is in "json" format

Scenario: 如果使用无效的token，系统会报错
Given http "authorization" header is "bearer 3GNsr9nNU7Ik7gTPFqSwZHeB6KpcTXLZx6oXOBQ5KCa8qPZpiMQN5agY6hvl6757"
And I am on "/center/customer/info"
Then the response status code should be 401
And the response is in "json" format

Scenario: 用户可以通过Basic Auth来登录
// Authorization Basic base64_encode(username:password)
Given http "accept" header is "application/json"
And basic auth header exists with credentials:
| username    | password |
| 13702325511 | 123456   |
And I am on "/center/customer/info"
Then the response status code should be 200
And the response is in "json" format